Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WdWM6J8LvIQRFBcg70RLFryuAGA.roa
File: WdWM6J8LvIQRFBcg70RLFryuAGA.roa (raw, json)
Hash identifier: TFTq9Bduc6aZAbHmqgM7Rd250B3YqccMU0uyNhuz8YY=
Subject key identifier: 59:D5:8C:E8:9F:0B:BC:84:11:14:17:20:EF:44:4B:16:BC:AE:00:60
Certificate issuer: /CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Certificate serial: 018CC26D3492AB679E08850D413C01EA8000
Authority key identifier: 93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WdWM6J8LvIQRFBcg70RLFryuAGA.roa
Signing time: Mon 01 Jan 2024 00:29:45 +0000
ROA not before: Mon 01 Jan 2024 00:29:45 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 208602
IP address blocks: 2a0e:aa01:aa00::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 02 Jan 2025 05:48:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8c:c2:6d:34:92:ab:67:9e:08:85:0d:41:3c:01:ea:80:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9361b5cd696825b74fccba7d97c3d0a2724ef3aa
Validity
Not Before: Jan 1 00:29:45 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=59d58ce89f0bbc8411141720ef444b16bcae0060
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:85:37:18:99:80:93:f4:52:bf:f6:9e:2e:a4:a7:
58:87:85:76:5b:4f:24:49:e3:4a:27:4a:ca:9f:42:
2c:e8:76:37:77:ad:ac:1d:5e:06:93:7e:6c:7a:5f:
56:a2:ce:bb:fe:be:42:74:c3:d3:54:db:10:e4:1d:
70:3a:af:bc:a0:05:4b:8c:dc:2c:8b:b0:b9:14:38:
7e:4b:9b:9f:c0:1b:5e:e1:05:d7:01:87:93:9f:4e:
dc:f0:0a:c3:09:07:d9:d0:c5:23:63:39:d8:73:a8:
64:1a:be:25:83:f9:20:6a:c3:60:f9:2a:d4:de:3b:
4a:d1:18:cb:d8:c9:67:a3:37:e3:c7:8f:d8:88:f7:
c3:e6:62:32:05:14:81:b1:48:12:1e:98:0d:38:37:
12:31:0a:ee:10:ea:8a:b5:ca:8f:de:70:1f:d2:2e:
21:0d:ef:19:72:69:4c:d6:63:af:01:82:3f:23:9d:
e5:c4:b1:e8:f8:a6:e8:f7:e9:9a:5a:a9:b2:48:d5:
57:6e:eb:2e:f6:2e:9f:2d:6b:20:81:ac:5d:da:6e:
bc:98:7b:e7:cf:47:84:d9:d1:f3:1f:c3:d1:7a:86:
59:ee:a1:ed:f8:47:38:c9:49:6f:87:6a:a1:98:4c:
89:88:c2:4c:04:5a:97:fe:60:48:32:a0:8b:94:c8:
26:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:D5:8C:E8:9F:0B:BC:84:11:14:17:20:EF:44:4B:16:BC:AE:00:60
X509v3 Authority Key Identifier:
keyid:93:61:B5:CD:69:68:25:B7:4F:CC:BA:7D:97:C3:D0:A2:72:4E:F3:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k2G1zWloJbdPzLp9l8PQonJO86o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/WdWM6J8LvIQRFBcg70RLFryuAGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/72bf2f-8e34-48a2-849a-a541d1bcee19/1/k2G1zWloJbdPzLp9l8PQonJO86o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0e:aa01:aa00::/40
Signature Algorithm: sha256WithRSAEncryption
50:56:f4:34:7d:83:dc:01:f8:09:bb:30:b6:ff:7f:50:6a:25:
57:73:62:cd:39:70:ce:1f:ad:83:14:51:05:91:a7:4d:d8:54:
20:14:bf:07:95:e0:8a:c4:18:cb:b9:05:f5:e4:f5:36:de:b1:
3a:34:83:18:ac:c7:16:55:5b:03:f2:8b:93:4c:44:63:91:d1:
18:b0:dc:62:cf:8c:e4:b4:be:d9:45:ed:18:5a:14:73:86:9a:
8c:61:ad:e4:71:ac:86:9a:1b:0d:b6:6d:7c:51:13:19:c8:fc:
f6:9b:d6:83:0e:e8:3d:87:9d:ca:3f:ea:d7:cd:65:2b:90:c3:
73:80:5b:4d:b1:a4:89:f9:c0:08:3c:3d:96:29:70:ac:79:8e:
e4:f7:4c:c1:a8:88:9c:e9:0f:ff:23:9d:ed:0c:68:44:a3:a2:
2a:4d:45:33:1e:41:5d:a2:9a:10:16:f2:c4:67:3e:92:0b:16:
27:88:bf:93:db:f4:17:7d:b7:2b:c3:df:b2:19:71:ae:29:a7:
d7:81:b1:1c:95:ee:bd:ac:4d:18:55:b1:9e:18:27:90:79:5b:
67:b7:f1:ee:fa:7a:d1:26:ff:7e:79:70:61:7d:0b:b4:5b:69:
5f:0e:b6:d4:77:07:f2:ed:e9:4e:09:2a:6b:34:5f:8c:14:2e:
b3:94:cb:8a
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAYzCbTSSq2eeCIUNQTwB6oAAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzNjFiNWNkNjk2ODI1Yjc0ZmNjYmE3ZDk3YzNkMGEyNzI0
ZWYzYWEwHhcNMjQwMTAxMDAyOTQ1WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1OWQ1OGNlODlmMGJiYzg0MTExNDE3MjBlZjQ0NGIxNmJjYWUwMDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhTcYmYCT9FK/9p4upKdYh4V2W08k
SeNKJ0rKn0Is6HY3d62sHV4Gk35sel9Wos67/r5CdMPTVNsQ5B1wOq+8oAVLjNws
i7C5FDh+S5ufwBte4QXXAYeTn07c8ArDCQfZ0MUjYznYc6hkGr4lg/kgasNg+SrU
3jtK0RjL2Mlnozfjx4/YiPfD5mIyBRSBsUgSHpgNODcSMQruEOqKtcqP3nAf0i4h
De8ZcmlM1mOvAYI/I53lxLHo+Kbo9+maWqmySNVXbusu9i6fLWsggaxd2m68mHvn
z0eE2dHzH8PReoZZ7qHt+Ec4yUlvh2qhmEyJiMJMBFqX/mBIMqCLlMgmIQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFFnVjOifC7yEERQXIO9ESxa8rgBgMB8GA1UdIwQY
MBaAFJNhtc1paCW3T8y6fZfD0KJyTvOqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEt
YTU0MWQxYmNlZTE5LzEvV2RXTTZKOEx2SVFSRkJjZzcwUkxGcnl1QUdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi83MmJmMmYtOGUzNC00OGEyLTg0OWEtYTU0MWQxYmNlZTE5
LzEvazJHMXpXbG9KYmRQekxwOWw4UFFvbkpPODZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAOBAIAAjAIAwYAKg6qAaow
DQYJKoZIhvcNAQELBQADggEBAFBW9DR9g9wB+Am7MLb/f1BqJVdzYs05cM4frYMU
UQWRp03YVCAUvweV4IrEGMu5BfXk9TbesTo0gxisxxZVWwPyi5NMRGOR0Riw3GLP
jOS0vtlF7RhaFHOGmoxhreRxrIaaGw22bXxRExnI/Pab1oMO6D2Hnco/6tfNZSuQ
w3OAW02xpIn5wAg8PZYpcKx5juT3TMGoiJzpD/8jne0MaESjoipNRTMeQV2imhAW
8sRnPpILFieIv5Pb9Bd9tyvD37IZca4pp9eBsRyV7r2sTRhVsZ4YJ5B5W2e38e76
etEm/355cGF9C7RbaV8OttR3B/Lt6U4JKms0X4wULrOUy4o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 20:47:27 2025 by rpki-client